Search smh:

Georgian websites forced offline in 'cyber war'

The Georgian parliament website, parliament.ge, was wiped and replaced with images comparing the Georgian president to Adolf Hitler.

Asher MosesAugust 12, 2008 - 11:58AM

Georgia and security experts have accused Russian
state-sponsored hackers of breaking into Georgian government and
commercial websites as part of a cyber war to supplement Russia's
military operations in South Ossetia.

- Official websites hacked
- 'Cyber warfare campaign'
- Site moved

Georgian President Mikheil Saakashvili's official website, as
well as the websites of the Ministry of Foreign Affairs, the
Ministry of Defence, the central government site and various
commercial sites, have all been forced offline over the past
week.

The Georgian Parliament website, parliament.ge, has been defaced
by the "South Ossetia Hack Crew". The site's content has been
replaced with images comparing Saakashvili to Adolf Hitler.

The Ministry of Foreign Affairs was forced to set up a blog on
Google's Blogger service as a temporary site while it battled to resurrect its
official homepage. News site Civil.ge followed its lead, claiming
its servers were under permanent attack.

Jart Armin, a researcher who publishes a blog tracking
the movements of the Russian Business Network (RBN) - a group of
state-sponsored hackers - called the flare-up a "full cyber siege
of Georgia's cyber space" by the RBN.

Armin said Georgian internet servers were controlled by foreign
attackers and internet traffic to them was being redirected to
servers in Moscow.

At the time of writing, president.gov.ge, mfa.gov.ge and
mod.gov.ge were back online but the central government site,
government.gov.ge, was still down. The President's site has been
moved to US servers.

"A cyber warfare campaign by Russia is seriously disrupting many
Georgian websites, including that of the Ministry of Foreign
Affairs," the Georgian Ministry of Foreign Affairs wrote in a
statement on its temporary blog.

The blog has allowed Georgia to spread information to mainstream
media and the West, knowing it would be difficult for the hackers
to target Google.

Security experts claim Georgia's websites were the subject of
sustained "denial-of-service" attacks, which flood the target with
visits in order to overload it and knock it offline.

Through Armin's RBN Exploit blog, Georgia warned people to use
caution when surfing to its official sites, particularly those
without any recent news, as they may be fraudulent.

The Shadowserver Foundation, which describes itself as a
"volunteer watchdog group of security professionals" who track
online hacking, said it had witnessed multiple attacks on both Georgian
government and commercial websites, such as news.ge,
newsgeorgia.ru, tbilisiweb.info and apsny.ge.

"While this flurry of activity appears to coincide with recent
events involving Russia and Georgia, we do not have solid
information surrounding the who and the why," Shadowserver's Steven
Adair said.

The President of Poland, Lech Kaczynski, weighed into the issue,
saying Russia was blocking "Georgian internet portals" to
supplement its "military aggression".

Kaczynski offered his own website to Georgia to aid in the
"dissemination of information".

Russian nationalists were also blamed for a cyber attack on
Estonia in April last year, which took out much of the country's
internet infrastructure.

The attacks were sparked by the removal of a Soviet war memorial
in Estonia's capital, Tallinn. Websites for the country's
government departments, banks, newspapers and other commercial
operators were all forced offline.

Estonia is reportedly sending cyber defence advisers from its
NATO Cyber Defence Centre - established after last year's attacks
in Tallinn - to Georgia to share their knowledge on dealing with
cyber warfare.